What's new at DZP?
We are pleased to inform you that, within the long-term cooperation established between PZU S.A. and DZP, our law firm is providing legal support to the insurer's clients during the handling of computer security incidents. As part of the incident handling, PZU also provides its clients with support from cyber security and public relations experts. As Paweł Gruszecki, Counsel in the IP&TMT Practice and project coordinator, notes:
"Importantly, all three areas of activity mentioned above (i.e. legal, IT security and media) need to be coordinated because they are complementary, i.e. closely correlated, as legal services will not make a proper legal assessment of the facts without first obtaining information from dedicated cybersecurity personnel. Media support (image protection) should in turn take into account in its work the results of both legal and cybersecurity teams.
According to Aleksandra Auleytner, Partner and Head of the IP&TMT Practice: "Legal support for incident handling is to enable incidents to be properly classified and recommendations to be made for potential follow-up measures, such as notification of suspicion of an offence having been committed, termination of unreliable contracts with subcontractors and defence of the interests of the undertaking affected by the incident in the event of a risk of claims being brought against it by business partners or consumers".
"It will also be important to make a legal and technical assessment of whether the affected undertaking has to some extent breached applicable law, e.g. by failing to implement remedies that are adequate and provide a degree of security appropriate to the risk identified. In this case, legal support may also include representing the insured person in proceedings before the competent supervisory authorities.” adds Karolina Kulikowska, Associate in the IP&TMT Practice.
From 25 May 2018 the General Data Protection Regulation (GDPR) applies in Poland and other European Union countries. We would therefore like to give you several details on the subject of how DZP processes personal data.
The administrator of the personal data is Domański Zakrzewski Palinka Sp.k. (“DZP”; address: Rondo ONZ 1, 00-124 Warszawa). Data are processed for contact purposes and to impart information on changes to provisions and authority practices and on other issues, including events concerning day-to-day legal, economic and cultural issues, inter alia, by sending DZP newsletters. The above is carried out on the basis of legitimate interests, i.e. in accordance with art. 6(1)(f) of the GDPR. Data can also be processed where necessary for the conclusion or performance of a contract and for compliance with a legal obligation to which DZP is subject, i.e. pursuant to art. 6(1)(b) and (c) of the GDPR. Data can be transferred to entities with whose help DZP achieves the indicated aims, including entities maintaining IT infrastructure. Giving data is voluntary and in contractual relations is a requirement for concluding and performing a contract. It is possible to object to data processing, request access to, rectification and erasure of personal data or restriction of processing and data portability. Data are kept until an objection is made, and in contractual relations – throughout the term of the contract and thereafter for a period specified in provisions on archiving and limitations period for claims. Anyone has the right to file a complaint with the President of the Personal Data Protection Office. Questions concerning privacy at DZP can be sent to DZP’s Data Protection Inspector, Macieja Maciejewskiego, at: firstname.lastname@example.org.
New rules on cookies: Domański Zakrzewski Palinka sp.k., as the service provider of the www.dzp.pl website, stores and accesses cookies, i.e. small text information fles sent by a web server and stored on your hard drive, or other data storage medium of a user, for the purposes of: proper functioning of the www.dzp.pl website, confguring the www.dzp.pl website, security and reliability of the www.dzp.pl website, session monitoring, providing advertisements, personalization of the displayed information to the user, or analysis, statistics, research and website trafc auditing.